averello/git-mirror
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2025-12-12 20:36:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

wincred: avoid memory corruption

Browse Source 
`wcsncpy_s()` wants to write the terminating null character so we need
to allocate one more space for it in the target memory block.

This should fix crashes when trying to read passwords.  When this
happened, the password/token wouldn't print out and Git would therefore
ask for a new password every time.

Signed-off-by: David Macek <david.macek.0@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
David Macek
2025-11-17 20:39:44 +00:00
committed by Junio C Hamano
parent f368df439b
commit d22a488482
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
contrib/credential/wincred/git-credential-wincred.c
View File

@@ -165,7 +165,7 @@ static void get_credential(void)
write_item("username", creds[i]->UserName, write_item("username", creds[i]->UserName,
creds[i]->UserName ? wcslen(creds[i]->UserName) : 0); creds[i]->UserName ? wcslen(creds[i]->UserName) : 0);
if (creds[i]->CredentialBlobSize > 0) { if (creds[i]->CredentialBlobSize > 0) {
secret = xmalloc(creds[i]->CredentialBlobSize); secret = xmalloc(creds[i]->CredentialBlobSize + sizeof(WCHAR));
wcsncpy_s(secret, creds[i]->CredentialBlobSize, (LPCWSTR)creds[i]->CredentialBlob, creds[i]->CredentialBlobSize / sizeof(WCHAR)); wcsncpy_s(secret, creds[i]->CredentialBlobSize, (LPCWSTR)creds[i]->CredentialBlob, creds[i]->CredentialBlobSize / sizeof(WCHAR));
line = wcstok_s(secret, L"\r\n", &remaining_lines); line = wcstok_s(secret, L"\r\n", &remaining_lines);
write_item("password", line, line ? wcslen(line) : 0); write_item("password", line, line ? wcslen(line) : 0);